Vulnerability Details CVE-2018-10757
CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a crafted username during a login attempt.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.052
EPSS Ranking 89.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://github.com/dukereborn/cmum/commit/c89158ec646c4e8e95587b650f6fd86b502ff8b5
- https://packetstormsecurity.com/files/147501/cspmysqlum231-sql.txt
- https://www.exploit-db.com/exploits/44589/
- https://github.com/dukereborn/cmum/commit/c89158ec646c4e8e95587b650f6fd86b502ff8b5
- https://packetstormsecurity.com/files/147501/cspmysqlum231-sql.txt
- https://www.exploit-db.com/exploits/44589/
Products affected by CVE-2018-10757
-
cpe:2.3:a:csp_mysql_user_manager_project:csp_mysql_user_manager:2.3.1